[Freeipa-users] Importing from shadow: ERROR: Constraint violation: pre-hashed passwords are not valid
Alexander Bokovoy
abokovoy at redhat.com
Wed Jan 6 08:42:41 UTC 2016
On Wed, 06 Jan 2016, Simpson Lachlan wrote:
>Hi,
>
>New install of FreeIPA 4.2.0-15.el7.centos.3 on Centos 7.2.1511 (and
>I'm very new to FreeIPA)
>
>Following the advice I got from here:
>http://www.freeipa.org/page/NIS_accounts_migration_preserving_Passwords
>
>I dumped old shadow into a csv, then wrote a small bash script to
>import all the users:
>
>#!/bin/bash
>INPUT=s.csv
>IFS=,
>
>kinit admin
>
>[ ! -f $INPUT ] && { echo "$INPUT file not found"; exit 99; }
>while read lname pw
>do
>
> echo "Importing user $lname"
> FIRST=${lname:0:1}
> LAST=${lname:1}
>
> ipa user-add $lname --first $FIRST --last $LAST --setattr userpassword={crypt}"$pw"
>
>
>done < $INPUT
>
>When I execute this, I get this error for every entry: "ipa: ERROR:
>Constraint violation: pre-hashed passwords are not valid"
>
>What have I done wrong?
Did you enable migration mode? The check in the password plugin is
conditioned on allowing pre-hashed passwords only when the migration
mode is on.
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list